Gpg
Vai alla navigazione
Vai alla ricerca
GPG primer
Sources:
- https://davidwinter.dev/managing-gpg-with-keybase/: how to export keys to pgp.mit.edu et sim.
- https://github.com/pstadler/keybase-gpg-github: signed commits
- using-keybase-for-ssh-with-gpg-agent-on-macos: my starting resource, configure gpg-agent
- https://opensource.com/article/19/4/gpg-subkeys-ssh: big help with ~/.gnupg/sshcontrol
- How to use a GPG key for SSH authentication: great resumé on gpg-agent setup
Modify expiration date
$ gpg --keyid-format SHORT --list-keys francesco.malvezzi@unimore.it
pub rsa4096/7635D5FA 2015-06-10 [SCA] [expires: 2025-06-07]
E4D183BF57B5D0E4755651A703A5EB897635D5FA
uid [ultimate] Francesco Malvezzi <francesco.malvezzi@unimore.it>
sub rsa4096/2CED909F 2015-06-10 [E] [expires: 2025-06-07]
pub rsa2048/B5B53BBB 2019-06-04 [SC] [expired: 2020-06-03]
EFC2A973249908A6AF7BB31815C71F3CB5B53BBB
uid [ expired] Francesco Malvezzi <francesco.malvezzi@unimore.it>
$ gpg --edit-key 7635D5FA
[...]
gpg> expire
[...]
gpg> key 1
gpg> expire
[...]
gpg> save
Modify key trust
$ gpg --edit-key 7635D5FA [...] Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y [...]
Delete subkey
$ gpg --list-keys --with-subkey-fingerprints francescm@duck.com
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 6 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 6u
gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2024-10-21
pub rsa4096 2023-03-08 [SC] [expires: 2039-03-04]
90A7D4C7EB237FE2C89E130E96C5E4735A1FB5EB
uid [ultimate] Francesco Malvezzi <francescm@duck.com>
sub rsa4096 2023-03-08 [E] [expires: 2039-03-04]
8F082ED70AA3D378C34AE70468387D99570C7FF7
sub rsa4096 2023-03-08 [A] [expires: 2039-03-04]
79C413784C4223F844816EE9664E14874939DB59
$ gpg --delete-secret-and-public-keys 79C413784C4223F844816EE9664E14874939DB59!
[...]
Push your updated key to Keybase
keybase pgp update
Ready to ssh-agent
You need to add the keygrip to `~/.gnupg/sshcontrol`.
$ gpg2 -K --with-keygrip francescm@duck.com